The rules do not change because the tool is AI. The moment a member of your team puts personal or client data into an AI tool, your business is the data controller for it and UK GDPR applies in full. The single most important practical step is to use a paid business or enterprise tier, which comes with a data-processing agreement and does not train on your data, and to keep client information out of free consumer tools.
Those are the essentials in one paragraph. Here is what sits underneath it, in plain English. This is general guidance rather than legal advice; for anything high-stakes, check your specific situation with a data-protection specialist.
Who is the data controller when staff use an AI tool?
When your business decides to put personal data into an AI tool, you are the data controller and the provider is acting as your processor. That relationship is what keeps the provider working to your instructions, and it only exists properly on the right tier. A staff member pasting client details into a free consumer chatbot bypasses it entirely.
Do I need a data-processing agreement (DPA) with an AI vendor?
Whenever you let a third party process personal data on your behalf, UK GDPR requires a written agreement, called a data-processing agreement or DPA, covering how they handle it. Business and enterprise tiers normally include one; most free tools do not. A vendor who cannot give you a data-processing agreement is a clear signal to walk away for anything involving personal data.
Which GDPR principles still apply when using AI?
The core principles apply unchanged. Lawful basis, transparency, fairness, accuracy, security and accountability all still apply the moment personal data enters the tool. There is no lighter regime for small firms; the obligations scale with the risk of what you are doing, not the size of your company.
How much client data should go into an AI tool?
Put in less, not more. Data minimisation means only entering what the task genuinely needs. Tipping a customer's name, contact details or payment information into a consumer tool can itself be a breach, because you have disclosed personal data to a third party without a basis for it.
What about special category data like health information?
Special category data needs extra care. Anything like health information raises the risk considerably and should stay out of general AI tools unless your contract and tier explicitly allow it.
Does the AI tool train on the data I enter?
This is the decisive difference between consumer and business tiers. On commercial products, your inputs and outputs are generally not used to train the model by default; on free and consumer tiers the terms are usually weaker. It is also worth knowing that "not used for training" does not mean "not stored": a provider may still retain data for a period to monitor for misuse, so check the retention terms as well.
Does my data leave the UK when I use AI tools?
Most of the well-known tools route data through US infrastructure, which makes it a restricted transfer under UK law, normally handled by safeguards inside the vendor's agreement. If your sector or a client contract requires the data to stay in the UK or EU, do not assume that it does; check the provider's regions, because residency usually has to be arranged rather than taken for granted.
Do I need a data protection impact assessment (DPIA) for AI?
A data protection impact assessment, or DPIA, is legally required before high-risk processing, and AI often meets the triggers: new technology, large-scale or special-category data, or profiling that significantly affects people. A short, proportionate assessment is the sensible default, and the ICO publishes screening checklists to help.
Can AI make automated decisions about people under UK GDPR?
This is the part most likely to be out of date in older guides. The Data (Use and Access) Act 2025 amended UK GDPR, with most data-protection provisions taking effect on 5 February 2026. From that date, solely automated decisions on ordinary, non-special-category data are broadly permitted where you put safeguards in place: telling people, letting them make representations, offering human intervention, and a right to contest the outcome. In short, if AI output feeds a decision that materially affects someone, name a person who can genuinely review and overrule it. This is now an area where the UK diverges from the EU, so UK compliance does not automatically mean EU compliance.
What security basics matter most for AI?
The unglamorous security basics still matter most. Most of the security work AI requires is the hygiene you already owe your clients: tested backups, multi-factor authentication on every account, automatic updates, and strong, unique passwords in a password manager. On top of that, three AI-specific habits: allow only approved, business-tier tools for anything sensitive; write down a simple data classification (for example public, internal and restricted) so people know what may go where; and keep a human check on anything before it leaves the business. The biggest real-world exposure is not a clever attack; it is staff quietly using free tools, and the fix is to give them a safe, sanctioned one rather than a ban.
How do I keep AI and GDPR compliance up to date?
Two things move quickly here. Vendor terms change, so any decision needs a review date rather than a one-off sign-off, and the ICO's detailed AI guidance is itself under revision through 2025 and 2026, so it is worth checking the regulator's current position before relying on a specific point.
Done this way, "are we GDPR-compliant with AI?" stops being a vague worry and becomes a short set of decisions you can show a client, an insurer or the regulator: the right tier, an agreement in place, data classified, transfers handled, and a person accountable for anything that matters. If it would help to map that for your firm, that is exactly the kind of contained, sensible setup a discovery call can work through.
Sources: the Data (Use and Access) Act 2025 (legislation.gov.uk); ICO guidance on AI and data protection, on data protection impact assessments, and on the Data (Use and Access) Act 2025.